2021-04-21 19:43:59
mitre
PUBLISHED
Wikimedia Quarry analytics-quarry-web before 2020-12-15 allows Reflected XSS because app.py does not explicitly set the application/json content type.